Re: BGP Route-Map-PBR

Joe Lee · ‎06-14-2013

Hello All-

We have MPLS network via the BGP routing protocol. As you see the diagram, Site A and Site B have two links.

1. In Site A, the Link 1 is only allow 10.10.10.0/24 coming in, and 10.10.100.0/24 going out; In Site B, the Link 1 is only allow 10.10.100.0/24 coming in, and 10.10.10.0/24 going out.

2. Both Link2 to for all the traffic, expcet 10.10.10.0/24 and 10.10.100.0/24.

3. Also, we need to have reduandancy, if Link 1 fails, all the traffic should go to Link 2; If Link 2 fails, all the traffic should go to Link 1.

Any thought?

Regards,

Joe

Sindhu_kumar · ‎06-15-2013

Hi Lee,

By Using Route-map we can achieve this I think. I tested this it working fine as you like .

SITE_A#

SITE_A#sh ip access-lists SUB_10

Standard IP access list SUB_10

10 permit 10.10.10.0, wildcard bits 0.0.0.255 (26 matches)

SITE_A#

SITE_A#sh route-map LINK1_IN

route-map LINK1_IN, permit, sequence 10

Match clauses:

ip address (access-lists): SUB_10

Set clauses:

weight 500

Policy routing matches: 0 packets, 0 bytes

route-map LINK1_IN, permit, sequence 20

Match clauses:

Set clauses:

weight 600

Policy routing matches: 0 packets, 0 bytes

SITE_A#

SITE_A#sh route-map LINK2_IN

route-map LINK2_IN, permit, sequence 10

Match clauses:

ip address (access-lists): SUB_10

Set clauses:

weight 400

Policy routing matches: 0 packets, 0 bytes

route-map LINK2_IN, permit, sequence 20

Match clauses:

Set clauses:

weight 700

Policy routing matches: 0 packets, 0 bytes

SITE_A#

SITE_B#

SITE_B#sh ip access-lists SUB_100

Standard IP access list SUB_100

10 permit 10.10.100.0, wildcard bits 0.0.0.255 (33 matches)

20 deny any log (30 matches)

SITE_B#

SITE_B#sh route-map LINK1_IN

route-map LINK1_IN, permit, sequence 10

Match clauses:

ip address (access-lists): SUB_100

Set clauses:

weight 500

Policy routing matches: 0 packets, 0 bytes

route-map LINK1_IN, permit, sequence 20

Match clauses:

Set clauses:

weight 600

Policy routing matches: 0 packets, 0 bytes

SITE_B#

SITE_B#sh route-map LINK2_IN

route-map LINK2_IN, permit, sequence 10

Match clauses:

ip address (access-lists): SUB_100

Set clauses:

weight 400

Policy routing matches: 0 packets, 0 bytes

route-map LINK2_IN, permit, sequence 20

Match clauses:

Set clauses:

weight 700

Policy routing matches: 0 packets, 0 bytes

SITE_B#

Failover Testing by shutting down the primary link

PC_100_SUB#
PC_100_SUB#sh ip int brief | i up
FastEthernet0/1 10.10.100.2 YES manual up up
PC_100_SUB#
PC_100_SUB#ping 10.10.10.2 re 2

Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!
Success rate is 100 percent (2/2), round-trip min/avg/max = 80/110/140 ms
PC_100_SUB#
PC_100_SUB#tra 10.10.10.2

Type escape sequence to abort.
Tracing the route to 10.10.10.2

1 10.10.100.1 28 msec 16 msec 20 msec
2 10.240.186.77 12 msec 44 msec 4 msec
3 192.168.10.2 80 msec 20 msec 64 msec
4 10.240.186.54 136 msec 8 msec 120 msec
5 10.10.10.2 120 msec * 60 msec
PC_100_SUB#

SITE_A#sh int Serial0/0 | i line|/30|Des

Serial0/0 is up, line protocol is up

Description: << VSNL-1st-Link >>

Internet address is 10.240.186.78/30

SITE_A#

SITE_A#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SITE_A(config)#int Serial0/0

SITE_A(config-if)#shut

SITE_A(config-if)#

*Mar 1 06:19:49.846: %BGP-5-ADJCHANGE: neighbor 10.240.186.77 Down Interface flap

SITE_A(config-if)#^Z

SITE_A#

*Mar 1 06:19:51.598: %SYS-5-CONFIG_I: Configured from console by console

*Mar 1 06:19:51.822: %LINK-5-CHANGED: Interface Serial0/0, changed state to administratively down

SITE_A#

SITE_A#
SITE_A#sh ip bgp
BGP table version is 17, local router ID is 10.240.186.78
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    10.240.186.9                         400 65500 64667 i
*> 10.10.20.0/24    10.240.186.9                         700 65500 64667 i
*> 10.10.100.0/24   0.0.0.0                  0         32768 i
*> 10.10.200.0/24   0.0.0.0                  0         32768 i
SITE_A#

PC_100_SUB#
PC_100_SUB#ping 10.10.10.2 re 2

Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!
Success rate is 100 percent (2/2), round-trip min/avg/max = 128/144/160 ms
PC_100_SUB#
PC_100_SUB#tra 10.10.10.2

Type escape sequence to abort.
Tracing the route to 10.10.10.2

1 10.10.100.1 64 msec 24 msec 36 msec
2 10.240.186.9 44 msec 20 msec 20 msec
3 192.168.20.2 76 msec 56 msec 24 msec
4 10.240.186.54 92 msec 48 msec 28 msec
5 10.10.10.2 104 msec * 88 msec
PC_100_SUB#

SITE_A#sh int Serial0/0 | i line|/30|Des

Serial0/0 is administratively down, line protocol is down

Description: << VSNL-1st-Link >>

Internet address is 10.240.186.78/30

SITE_A#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SITE_A(config)#int Serial0/0

SITE_A(config-if)#no shut

SITE_A(config-if)#^Z

SITE_A#

SITE_A#sh ip bgp
BGP table version is 18, local router ID is 10.240.186.78
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    10.240.186.77                        500 65500 64667 i
*                           10.240.186.9                         400 65500 64667 i
* 10.10.20.0/24     10.240.186.77                        600 65500 64667 i
*>                         10.240.186.9                         700 65500 64667 i
*> 10.10.100.0/24   0.0.0.0                  0         32768 i
*> 10.10.200.0/24   0.0.0.0                  0         32768 i
SITE_A#

Failover Testing by shutting down the secondary link

PC_10_SUB#
PC_10_SUB#sh ip int brief | i 10.10
FastEthernet0/1 10.10.10.2 YES manual up up
PC_10_SUB#
PC_10_SUB#traceroute 10.10.200.1

Type escape sequence to abort.
Tracing the route to 10.10.200.1

1 10.10.10.1 56 msec 24 msec 16 msec
2 10.240.186.57 56 msec 36 msec 28 msec
3 192.168.10.1 44 msec 48 msec 68 msec
4 10.240.186.78 128 msec * 88 msec
PC_10_SUB#

SITE_B#sh ip bgp
BGP table version is 5, local router ID is 10.10.20.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    0.0.0.0                  0         32768 i
*> 10.10.20.0/24    0.0.0.0                  0         32768 i
* 10.10.100.0/24    10.240.186.57                        400 65500 64613 i
*>                         10.240.186.53                        500 65500 64613 i
*> 10.10.200.0/24   10.240.186.57                        700 65500 64613 i
*                           10.240.186.53                        600 65500 64613 i
SITE_B#

SITE_B#sh int Se0/0 | i line|/30|Des

Serial0/0 is up, line protocol is up

Description: << VSNL 2nd Link >>

Internet address is 10.240.186.58/30

SITE_B#

SITE_B#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SITE_B(config)#int Se0/0

SITE_B(config-if)#shu

SITE_B(config-if)#

*Mar 1 06:34:53.414: %BGP-5-ADJCHANGE: neighbor 10.240.186.57 Down Interface flap

SITE_B#
SITE_B#sh ip bgp
BGP table version is 6, local router ID is 10.10.20.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    0.0.0.0                  0         32768 i
*> 10.10.20.0/24    0.0.0.0                  0         32768 i
*> 10.10.100.0/24   10.240.186.53                        500 65500 64613 i
*> 10.10.200.0/24   10.240.186.53                        600 65500 64613 i
SITE_B#

PC_10_SUB#
PC_10_SUB#traceroute 10.10.200.1

Type escape sequence to abort.
Tracing the route to 10.10.200.1

1 10.10.10.1 92 msec 44 msec 56 msec
2 10.240.186.53 40 msec 76 msec 96 msec
3 192.168.10.1 80 msec 76 msec 72 msec
4 10.240.186.78 92 msec * 108 msec
PC_10_SUB#

Joe Lee · ‎08-18-2013

Hi Sindhu,

Sorry for late reply...business trip for two months. Can you please provide me the configuration for both sites?

Thanks,

Joe